package com.jian.java.controller;

import com.jian.java.bean.User;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PostFilter;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.access.prepost.PreFilter;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.Arrays;
import java.util.List;

/**
 * @author Jiange
 * @create 2021-05-05-17:33
 */
@RestController
public class MyController {
//    @Secured({"ROLE_admin","ROLE_a"})
//    @PreAuthorize("hasAnyAuthority('admin')")
//    @PostAuthorize("")
//    @PostFilter() 方法返回数据过滤
    @PostFilter("strings.username == 'Lizijain'") //方法传入数据检验
    @GetMapping("/1")
    public List<User> test1(){
        List<User> strings = Arrays.asList(new User());
        return strings;
    }
}
